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DETAILED ACTION 

1 . This office action is in response to the communication filed on 05/1 5/2008. 

2. Claims 1-20 are pending. 

Response to Arguments 

3. Applicant's arguments on the first and second rejections have been fully 
considered but they are found unpersuasive. 

First ground of rejection 

4. Applicant argues that the prior art does not teach "accessing current available 
bandwidths of the first and second processing units" (page 3 of the Remarks). The 
examiner respectfully traverses. The prior art does teach "accessing current available 
bandwidths of the first and second processing units" (see Venkatanarayan, fig. 1, 
abstract, [0015], lines 15-25, load balancing across active adaptors by selecting an 
adaptor (processing units) with the most available bandwidth) 

Applicant argues that the prior art does not teach current available bandwidth 
being determined by accessing the initial expected available bandwidth as decremented 
by other processing requirements for that system processing unit (page 3, last par.) The 
examiner respectfully traverses. Given its broadest reasonable interpretation, the above 
limitation simply means that the current available bandwidth is the total bandwidth of a 
processing unit decremented by occupied bandwidth. Although this is extremely known 
in the art, the examiner has relied on Shneyderman to explain this limitation. 
Shneyderman teaches each available virtual router (GGSN) tunnel has dedicated 
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allocated resources (including dedicated memory and CPU cycles) that is separate from 
others' resources (page 7 [0011], fig. 10, GGSN cluster); therefore, provisioning or 
assigning a virtual router tunnel is based on the amount of available processing power 
of each routing engines (system processing units), meaning available processing power 
of each routing engine is its unoccupied processing power (or total processing power 
subtracted by allocated processing power). The relationship between processing power 
such as CPU power and bandwidth is disclosed by Chen (abstract, par. 2, different 
CPUs have their own processing speeds that is related to their throughput or bandwidth, 
5.2, par. 2, e.g. a CPU can forward 239,234 packets per second). Therefore, 
provisioning or assigning a virtual router tunnel is based on the amount of available 
processing power or available bandwidth of each routing engine (or system processing 
unit) is disclosed by the prior art. For claims 1 1 and 12, no clear distinction between 
absolute bandwidth capacity and relative bandwidth capacity and initial expected 
available bandwidth of each processing processor (or total BW), therefore, either 
absolute bandwidth capacity and relative bandwidth capacity is read as total bandwidth 
of a processing processor. 

Second ground of rejection 
5. Applicant argues that the prior art does not teach "accessing current available 
bandwidths of the first and second processing units" (page 5 of the Remarks). The 
examiner respectfully traverses. The prior art does teach "accessing current available 
bandwidths of the first and second processing units" (see Pham, [0061], [0062], load 
balancing by selecting a least loaded processor by calculating smallest completion time 
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of a fixed size data packet at each processor, available bandwidth is therefore 
calculated as known in the art, available BW = size/time, [0014], assessing available 
bandwidth of each data processing engine to load balance the traffic among the data 
processing engines). 

In response to applicant's argument that Pham teaches away from the claimed 
invention, there is no disclosure, teachings and/or suggestions in Pham that would 
enable one of ordinary skilled in the art to conclude that Pham avoids (criticizes, 
discredits, or otherwise discourages) assigning VPN tunnels to each data processor 
based on Pham's load balancing technique. See In re Fulton, 391 F.3d 1195, 1201, 73 
USPQ2d 1 141 , 1 146 (Fed. Cir. 2004) [However, "the prior art's mere disclosure of more 
than one alternative does not constitute a teaching away from any of these alternatives 
because such disclosure does not criticize, discredit, or otherwise discourage the 
solution claimed...."]. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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7. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Chen et al. (Flexible control of a parallelism in a multiprocessor PC router, hereafter 
Chen) and further in view of applicant's admitted prior art (Background of the 
application, hereafter AAPA), and Venkatanarayan et al. (US 2005/0044221, hereafter 
Venkatanarayan) and Shneyderman et al. (Mobile VPNs for next generation GPRS and 
UMTS networks, hereafter Shneyderman). 

8. For claim 1 , Chen discloses a method of allocating processing capacity of system 
processing units in an extranet gateway, the method comprising the steps of: 

establishing a first initial expected available bandwidth of a first of the system 
processing units; establishing a second initial expected available bandwidth of a second 
of the system processing units (abstract, par. 2, different CPUs have their own 
processing speeds that is related to their throughput or bandwidth, 5.2, par. 2, e.g. a 
CPU can forward 239,234 packets per second); and 

Chen does not explicitly disclose: 

assigning a Virtual Private Network (VPN) tunnel to one of the first and second 
system processing units for processing 

However, AAPA discloses the same (AAPA, [0010], assigning tunnels to 
processing units) 

Chen-AAPA does not disclose by assessing current available bandwidths of the 
first and second system processing units; 
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However, Venkatanarayan discloses by assessing current available bandwidths 
of the first and second system processing units (fig. 1, abstract, [0015], lines 15-25, load 
balancing across active adaptors by selecting an adaptor (processing units) with the 
most available bandwidth), 

Chen-AAPA- Venkatanarayan does not disclose: 

the current available bandwidths being determined by assessing the initial 
expected available bandwidth for that system processing unit as decremented by other 
processing requirements for that system processing unit; 

However, Shneyderman discloses the current available bandwidths being 
determined by assessing the initial expected available bandwidth for that system 
processing unit as decremented by other processing requirements for that system 
processing unit (page 7, par. 6, the current available bandwidth is the processing power 
of routing/tunneling engines available, page 7, par. 11, current available resources is 
available resource of each route processor engine RPE that CPU resources can be 
preoccupied by virtual routers). 

Therefore, it would have been obvious for one skilled in the art at the time of the 
invention to combine the teachings of Chen-AAPA-Venkatanarayan-Shneyderman to 
load balance VPN tunnels to processors that has the most available resources to fully 
utilize the processing capability of the processors and therefore raise throughput level of 
VPN gateway. 
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9. For claim 2, Chen-AAPA-Venkatanarayan-Shneyderman further discloses one of 
the other processing requirements comprises overhead processing requirements 
(Shneyderman, page 5 par. 1). 

1 0. For claim 3, Chen-AAPA-Venkatanarayan-Shneyderman further discloses one of 
the other processing requirements comprises processing requirements associated with 
other VPN tunnel assignments (Venkatanarayan, fig. 2, [0017] line 11, Shneyderman, 
page 7, last par., use load balancing algorithm to select the most available bandwidth 
processor compared to other VPN tunnels). 

1 1 . For claim 4, Chen-AAPA-Venkatanarayan-Shneyderman further discloses one of 
the other processing requirements comprises processing requirements associated with 
another SPU handling a VPN tunnel assignment (Venkatanarayan, fig. 1, abstract, 
[0015], lines 15-25, load balancing across active adaptors by selecting an adaptor 
(processing units) with the most available bandwidth; Shneyderman, page 7, last par., 
use load balancing algorithm to select the most available bandwidth processor 
compared to processor with VPN assignments). 

12. For claim 5, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
processing requirements associated with other VPN tunnel assignments comprise 
encapsulation and de-encapsulation processing requirements for the other VPN tunnels 
(Shneyderman, page 4, par. 3, encapsulation VPN tunnel). 



Application/Control Number: 10/736,062 
Art Unit: 2152 



Page 8 



1 3. For claim 6, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
processing requirements associated with other VPN tunnel assignments comprise at 
least one of encryption and de-encryption processing requirements for the other VPN 
tunnels (Shneyderman, page 9, IPSec based MVPN, par. 1, fig. 7, IPSec tunnel). 

14. For claim 7, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
first initial expected available bandwidth is established by multiplying a first processor 
speed associated with the first system processing unit with a first conversion factor, and 
wherein the second initial expected available bandwidth is established by multiplying a 
second processor speed associated with the second system processing unit with a 
second conversion factor (Chen, section 5.1, 5.2, a 500 Mhz processor can process up 
to 239,234 pps, the conversion factor is 500/239,234). 

1 5. For claim 8, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
first conversion factor is the same as the second conversion factor (Chen, 5.1 , 5.2, four 
500 Mhz CPUs have same conversion factors). 

16. For claim 9, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
first conversion factor is defined as the amount of bandwidth passable by a given 
processor per unit CPU speed (Chen, 5.1, 5.2). 
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1 7. For claim 1 0, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
step of assigning the VPN tunnel to one of the first and second system processing units 
comprises assigning the VPN tunnel to the system processing unit having the highest 
current available bandwidth (Venkatanarayan, fig. 1, abstract, [0015], lines 15-25, load 
balancing across active adaptors by selecting an adaptor (processing units) with the 
most available bandwidth) 

18. For claim 1 1 , Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
highest current available bandwidth is based on an absolute bandwidth capacity basis 
(Venkatanarayan, fig. 1, abstract, [0015], lines 15-25, load balancing across active 
adaptors by selecting an adaptor (processing units) with the most available bandwidth) 

1 9. For claim 1 2, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
highest current available bandwidth is based on a relative bandwidth capacity basis 
(Venkatanarayan, fig. 2, [0017] line 11, use load balancing algorithm to select a port 
with the most available bandwidth for forwarding packets). 

20. For claim 1 3, Chen-AAPA-Venkatanarayan-Shneyderman further discloses the 
step of reducing the current available bandwidth for the one of the first and second 
system processing units to which the VPN tunnel was assigned (Shneyderman, page 7, 
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last par., each virtual router takes up CPU resources of a RPE, therefore reducing the 
maximum available bandwidth that CPU can support). 



21. 


For claim 14, the claim is rejected for the same rationale 


as in claim 1. 


22. 


For claim 15, the claim is rejected for the same rationale 


as in claims 2, 3, and 4. 


23. 


For claim 16, the claim is rejected for the same rationale 


as in claim 6. 


24. 


For claim 17, the claim is rejected for the same rationale 


as in claim 7. 


25. 


For claim 18, the claim is rejected for the same rationale 


as in claim 8. 


26. 


For claim 19, the claim is rejected for the same rationale 


as in claim 10. 


27. 


For claim 20, the claim is rejected for the same rationale 


as in claim 1 1 . 



Second rejection 

28. Claims 1 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Chen et al. (Flexible control of a parallelism in a multiprocessor PC router, hereafter 
Chen) and further in view of applicant's admitted prior art (Background of the 
application, hereafter AAPA), and Pham etal. (US 2003/0074473, hereafter Pham) and 
Shneyderman et al. (Mobile VPNs for next generation GPRS and UMTS networks, 
hereafter Shneyderman). 

29. For claim 1 , Chen discloses a method of allocating processing capacity of system 
processing units in an extranet gateway, the method comprising the steps of: 
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establishing a first initial expected available bandwidth of a first of the system 
processing units; establishing a second initial expected available bandwidth of a second 
of the system processing units (4.1, par. 2, different CPUs have their own processing 
speeds that is related to their throughput or bandwidth, 5.2, par. 2, e.g. a CPU can 
forward 239,234 packets per second); and 

Chen does not explicitly disclose: 

assigning a Virtual Private Network (VPN) tunnel to one of the first and second 
system processing units for processing 

However, AAPA discloses the same (AAPA, [0010], assigning tunnels to 
processing units) 

Chen-AAPA does not disclose by assessing current available bandwidths of the 
first and second system processing units; 

However, Pham discloses by assessing current available bandwidths of the first 
and second system processing units (fig. 3, a plurality of processors in a VPN gateway, 
[0060], [0061], lines 1-8, [0062] lines 1-10, selection of a crypto engine (or any 
processor engine) is based on its completion time delta, or its bandwidth (time 
completing processing for a same packet size, [0056], [0014], assessing available 
bandwidth of each data processing engine to load balance the traffic among the data 
processing engines), 

Chen-AAPA-Pham does not disclose: 
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the current available bandwidths being determined by assessing the initial 
expected available bandwidth for that system processing unit as decremented by other 
processing requirements for that system processing unit; 

However, Shneyderman discloses the current available bandwidths being 
determined by assessing the initial expected available bandwidth for that system 
processing unit as decremented by other processing requirements for that system 
processing unit (page 7, par. 6, the current available bandwidth is the processing power 
of routing/tunneling engines available, page 7, par. 11, current available resources is 
available resource of each route processor engine RPE that CPU resources can be 
preoccupied by virtual routers). 

Therefore, it would have been obvious for one skilled in the art at the time of the 
invention to combine the teachings of Chen-AAPA-Pham-Shneyderman to load balance 
VPN tunnels to processors that has the most available resources to fully utilize the 
processing capability of the processors and therefore raise throughput level of VPN 
gateway. 

30. For claim 14, the claim is rejected for the same rationale as in claim 1 . 

Conclusion 

31 . THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

32. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Hieu T. Hoang whose telephone number is 571-270- 
1253. The examiner can normally be reached on Monday-Thursday, 8 a.m.-5 p.m., 
EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob Jaroenchonwanit can be reached on 571-272-3913. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

HH 

/Bunjob Jaroenchonwanit/ 

Supervisory Patent Examiner, Art Unit 2152 



